<?php

namespace App\Http\Middleware;

use Closure;

class RbacPermissionMiddleware2
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        // dd($request->sesson()->all());
        //取得允许的权限
        $i = 2;
        $a = func_get_args();
        while ($i < func_num_args()) {
            $permission[] = $a[$i];
            $i++;
        }

        $alow_permission = $request->session()->get('admin_user_permission');

        //$permission 是登录用户所有的权限
        //$alow_permission  是路由所允许的权限
        
        if (!array_intersect($permission, $alow_permission)) {
            return 2;
        }
        
        return $next($request);
    }
}
